|
Server : Apache/2.4.62 System : FreeBSD fbsdweb2.web.rcn.net 14.1-RELEASE FreeBSD 14.1-RELEASE releng/14.1-n267679-10e31f0946d8 GENERIC amd64 User : www ( 80) PHP Version : 8.3.8 Disable Function : NONE Directory : /domains/compasssysweb/calendar/CalciumDir39/Operation/ |
Upload File : |
# Copyright 1999-2003, Fred Steinberg, Brown Bear Software
# Specify who can do what to this calendar.
package AdminSecurity;
use strict;
use CGI (':standard');
use Calendar::GetHTML;
use vars ('@ISA');
@ISA = ('Operation');
sub perform {
my $self = shift;
my $i18n = $self->I18N;
my ($save, $cancel, $anyOrSelected) =
$self->getParams (qw (Save Cancel AnyOrSelected));
my $calName = $self->calendarName;
if ($cancel) {
my $op = $calName ? 'AdminPage' : 'SysAdminPage';
print $self->redir ($self->makeURL ({Op => $op}));
return;
}
my @userNames = User->getUserNames;
my $username = $self->getUsername;
my $masterPerm = Permissions->new (MasterDB->new);
my $message;
# if we're getting saved, save it.
if ($save) {
$self->{audit_formsaved}++;
$self->{audit_orig} = $self->permission->getUserHash;
if ($calName) {
$self->permission->setAuthenticatedUser ('None');
$self->permission->setAnonymous (param ("AnonRadio"));
foreach (@userNames) {
my $level = param ("UserRadio-$_");
$level ||= 'None';
$self->permission->set ($_, $level);
}
# Anyone who has Sys Admin, gets Admin everywhere
foreach (@userNames) {
$self->permission->set ($_, 'Admin')
if ($masterPerm->permitted ($_, 'Admin'));
}
# Make sure they don't remove their own admin privs
unless ($self->permission->permitted ($username, 'Admin')) {
$self->permission->set ($username, 'Admin');
$message = $i18n->get ('Sorry, you cannot remove ' .
'Administration permissions ' .
'for yourself.');
}
# hack for storing new cal default perms
} else {
$self->permission->set ('SysDefault-AuthenticatedUser', 'None');
$self->permission->set ('SysDefault-AnonymousUser',
param ('AnonRadio'));
foreach (@userNames) {
my $level = param ("UserRadio-$_");
$level ||= 'None';
$self->permission->set ("SysDefault-$_", $level);
}
}
}
print header;
print start_html ('-title' => 'Calcium - ' .
$i18n->get ('Security') . ': ' .
($calName ||
$i18n->get ('System Defaults')),
'-bgcolor' => 'white');
if ($calName) {
print GetHTML->AdminHeader (I18N => $i18n,
cal => $calName,
section => 'Security');
} else {
print GetHTML->SysAdminHeader ($i18n, 'Security');
}
my $helpString = $i18n->get ('AdminSecurity_HelpString');
if ($helpString eq 'AdminSecurity_HelpString') {
($helpString =<<" END_INSTRUCTIONS") =~ s/^ +//gm;
There are four levels of increasing security: <b>View Only</b>,
<b>Add Events</b>, <b>Edit Events</b>, and <b>Administer</b>.
Higher levels include permission for all lower ones, so anyone
with Edit permission can also View and Add events, while those
with Administer permission can do anything. <i>Note that any
user with System Administration Permission will always have
Administer permission in any calendar.</i>
END_INSTRUCTIONS
}
print table ({width => '90%', align => 'center'}, Tr (td ($helpString)));
print '<br><center>';
if (Permissions->new (MasterDB->new)->permitted (undef, 'Admin')) {
my $url = $self->makeURL ({Op => 'SysSecurity',
CalendarName => undef});
print '<p>';
print $i18n->get ('<b><font color="red">Warning:</font></b> ' .
'Anonymous users have System Administration ' .
'Permission.');
print '<br>';
my $x = $i18n->get ('Go to the <a href="%s">System Administration ' .
'Security Settings</a> to change this.');
printf ($x, $url);
print '</p>';
}
if ($username) {
print $i18n->get ('You are currently logged in as') .
' <b>' . $username . '.</b><br><br>';
} else {
print '<p>';
print $i18n->get ('You are <b>not</b> currently logged in.') .
' ';
my $loginURL = $self->makeURL ({Op => 'UserLogin',
DesiredOp => 'AdminSecurity'});
print a ({href => $loginURL}, $i18n->get ('Login'));
print '</p>';
}
print "<p>$message</p>" if $message;
print '</center>';
my $anonAdmin;
# hack for storing new cal default perms
$anonAdmin = defined $calName ? $self->permission->getAnonymous
: $self->permission->get
('SysDefault-AnonymousUser');
print startform;
my @permValues = (qw (None View Add Edit Admin));
my %permLabels = (None => $i18n->get ('No Access'),
View => $i18n->get ('View Only'),
Add => $i18n->get ('Add Events'),
Edit => $i18n->get ('Edit Events'),
Admin => $i18n->get ('Administer'));
my $anyoneString = $i18n->get ("Default Security level. This applies to " .
"users who haven't logged in.");
my @radios = radio_group (-name => "AnonRadio",
-values => \@permValues,
-labels => \%permLabels,
-override => 1,
-default => "\u$anonAdmin");
my $whoTable = table (Tr (td ({-colspan => 10}, $anyoneString)),
Tr (td (table ({-align => 'center'},
Tr (td ([$radios[0], ' ',
$radios[1], ' ',
$radios[2], ' ',
$radios[3], ' ',
$radios[4]]))))));
my ($color, $color2) = ('#eeeeee', '#cccccc');
my @rows;
foreach (sort {lc($a) cmp lc($b)} @userNames) {
my $perm;
# hack for storing new cal default perms
if ($calName) {
$perm = $self->permission->get ($_);
$perm = 'Admin' if $masterPerm->permitted ($_, 'Admin');
} else {
$perm = $self->permission->get ("SysDefault-$_") || 'View';
}
my @radios = radio_group (-name => "UserRadio-$_",
-values => \@permValues,
-labels => \%permLabels,
-override => 1,
-default => "\u$perm");
push @rows, Tr ({-bgcolor => $color},
td ($_),
td ({-align => 'center'},
table (Tr (td ([@radios])))));
($color, $color2) = ($color2, $color);
}
my $boxTable =
table ({-border => 0,
-cellspacing => 0,
-cellpadding => 0},
th ({-align => 'center'},
['<u>' . $i18n->get ('Username') . '</u>',
'<u>' . $i18n->get ('Permission Level') . '</u>']),
@rows);
print table ({-width => '90%',
-align => 'center',
-bgcolor => '#cccccc'},
Tr (td (GetHTML->SectionHeader
($i18n->get ('Current Permissions / ' .
'Set New Permissions')))),
Tr (td ({align => 'center'}, table (Tr (td ($whoTable))))),
Tr (td ({align => 'center'},
$boxTable)));
print '<br>';
print '<hr>';
print submit (-name => 'Save',
-value => $i18n->get ('Set Permissions')); print ' ';
print submit (-name => 'Cancel',
-value => $i18n->get ('Done'));
print ' ';
print reset;
print hidden (-name => 'Op', -value => 'AdminSecurity');
print hidden (-name => 'CalendarName', -value => $calName) if $calName;
print endform;
print end_html;
}
sub auditString {
my ($self, $short) = @_;
return unless $self->{audit_formsaved};
my $line = $self->SUPER::auditString ($short);
my $perms = $self->permission->getUserHash;
my $info;
foreach (sort keys %{$self->{audit_orig}}) {
next if ($self->{audit_orig}->{$_} eq $perms->{$_});
$info .= " [$_: $self->{audit_orig}->{$_} -> $perms->{$_}]";
}
return unless $info; # don't report if nothing changed
return $line . $info;
}
1;